|
|
|
|
|
|
by richard_cubano
4336 days ago
|
|
|
I liked the one that was a C program that used argv[0] (or argv[1] - cant remember) as the connection string for an SQL database. Then the answer was SQL injection. I mean, sure, you can argue that's a flaw with the program, but it's also THE ONLY POSSIBLE USE for the program. I got 5/5 on advanced, but I don't think that proves anything. For most of the questions my response would be "decomp your code better and use comments." |
|
|